Europe rebuffs US flight info data grab

The European Parliament has voted to stop the United States from collecting passenger data on EU citizens. The US Department of Homeland Security had sought access to the flight data, based on PNR (Passenger Name Records) but also including the passenger's email address, and a compromise was reached in January, although details only leaked out earlier this year.

Under the 1995 Privacy Directive, the Commission is required to "assess the level of data protection afforded by a third country in the light of all the circumstances surrounding a data transfer operation or set of data transfer operations". The MEPs resolution adopted by Parliament in a 229-202 vote, MEPs judged the level of data protection to be "inadequate".

The MEPs pointedly note that there is no legal precedent for using PNRs for "public security" and that "in the USA, the protection of privacy is not regarded as a fundamental right. In the USA, only US citizens are granted the right to data protection." Through private database companies who frequently act as government contractors, the US has acquired driving and medical records of millions of Latin Americans.

The MEPs rejected the January draft and want guarantees from the US that would allow passengers to correct their data, who exactly gets what information of for what purposes, and for how long, and the establishment of an independent appeals body.

It's a non-binding decision, which means that the European Commission, which is appointed rather than elected, and which negotiated the agreement with the US, is not obliged to obey. However, MEPs say that they will appeal to the European Court of Justice, if the EC ignores the Parliament's decision. ®